Daniel Underhay
Modifying Certipy to Evade Microsoft Defender for Identity PKINIT Detection
Daniel Underhay
Bypassing Microsoft Defender for Identity Suspicious certificate usage over Kerberos protocol (PKINIT) high severity alert.
A Cost Effective Covert Implant for Red Teamers
Daniel Underhay
A quick post about making a more cost-effective covert implant using a common wired mouse.
Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout
Daniel Underhay
Explore how GitHub Actions can be leveraged to rotate IP addresses during password spraying attacks to bypass IP-Based blocking such as Entra Smart lockout.
Hook, Line, and Phishlet: Conquering AD FS with Evilginx
Daniel Underhay
A detailed walkthrough of the process and hurdles faced in leveraging Evilginx3 to conduct a successful phishing campaign on an AD FS protected domain.
Device Code Phishing: A Frontend UI
Daniel Underhay
A framework for OAuth 2.0 device code authentication grant flow phishing.
CCTV: Now You See Me, Now You Don't
Daniel Underhay
How to take over an IoT camera stream.
Adobe ColdFusion - Path Traversal Vulnerability
Daniel Underhay
CVE(s): CVE-2019-8074
Vendor: Adobe
Product: ColdFusion
Version(s) affected: 2018 Update 4 and earlier versions, 2016 Update 11 and earlier versions
Fixed version: 2018 Update 5, 2016 Update 12
Adobe security bulletin details
Path Traversal Vulnerability (CVE-2017-5219)
By default, custom applications built using the Adobe ColdFusion platform would block access to the admin portal. Access is restricted (usually) based on IP address, which is added to an allowlist. Any attempt to access the admin portal (for example, https://example.com/CFIDE/administrator/index.cfm) will result in a redirect to the main page of the application.